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AMENDMENTS TO THE CLAIMS 

1. (Currently Amended) A method, comprising the computer-implemented steps of: 
receiving trust information defining one or more trusted signatories; 

receiving, in association with a particular configuration directive, security information 
defining a number of required signatures and required principals; 

receiving configuration information comprising a hostname, one or more configuration 
directives for a host network element associated with the hostname, and two or 
more digital signatures of the hostname and configuration directives; 

wherein the configuration information includes the particular configuration directive; 

wherein the two or more digital signatures comprise a first digital signature of a first 
portion of the one or more configuration directives by a first user, and a second 
digital signature of a second portion of the one or more configuration directives 
by a second user; 

attempting to verify the two or more digital signatures based on the trust information and 

the security information; 
verifying that the two or more digital signatures are valid and that two or more principals 

respectively associated with the two or more digital signatures have collective 

authority to perform the configuration directives on the host network element; 
applying the configuration directives to the host network element only when the two or 

more digital signatures are verified successfully; 
wherein applying the configuration directives comprises applying the particular 

configuration directive only when the configuration information has the number 

of required signatures by the required principals; 
wherein the steps of the method are performed by the host network element . 

2. (Canceled) 

3. (Canceled) 
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4. (Previously Presented) A method as recited in Claim 1, wherein applying the 
particular configuration directive comprises applying the particular configuration 
directive only when the configuration information has the number of required signatures 
by the required principals and only upon successively validating all required signatures. 

5. (Previously Presented) A method as recited in Claim 1, wherein the two or more 
digital signatures use public key cryptography, and wherein public keys for the two or 
more digital signatures are stored on the host. 

6. (Previously Presented) A method as recited in Claim 1, wherein the two or more 
digital signatures use public key cryptography, wherein public keys for the two or more 
digital signatures are stored on a key server and retrieved from the key server as part of 
attempting to validate the two or more digital signatures. 

7. (Previously Presented) A method as recited in Claim 1 , wherein the two or more 
digital signatures use public key cryptography, and wherein public keys for the two or 
more digital signatures are received in a digital certificate and extracted from the digital 
certificate as part of attempting to validate the two or more digital signatures. 

8. (Currently Amended) A method, comprising the computer-implemented steps of: 
receiving trust information defining one or more trusted signatories; 

receiving configuration control information that includes a time period during which a 
valid digital signature is required for applying one or more particular 
configuration directives; 

receiving configuration information comprising a hostname, one or more configuration 
directives for a host network element associated with the hostname, one or more 
digital signatures of the hostname and configuration directives, and a date-time 
value; 

determining if the date-time value is within the time period; 

determining if the one or more configuration directives have been previously received 
during the time period; and 
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only when the date-time value is within the time period and the one or more 

configuration directives have not been previously received during the time period, 
attempting to verify the one or more digital signatures based on the trust 
information, and applying the configuration directives to [[a]] the host network 
element only when the one or more digital signatures are verified successfully; 

wherein the steps of the method are performed by the host network element . 

9. (Original) A method as recited in Claim 8, wherein the step of determining if the one 
or more configuration directives have been previously received during the time period 
comprises the steps of: 

generating a secure hash of the one or more configuration directives; 
determining if the secure hash is found in memory. 



10. (Original) A method as recited in Claim 8, wherein the step of determining if the one 
or more configuration directives have been previously received during the time period 
comprises the steps of: 

generating a secure hash of the one or more configuration directives; 
determining if the secure hash is found in non-volatile memory. 



11. (Original) A method as recited in Claim 8, further comprising the step of storing the 
secure hash in non- volatile memory, in association with an expiration value, when the 
date-time value is within the time period and the one or more configuration directives 
have not been previously received during the time period. 



12. (Currently Amended) A method as recited in Claim 8, further comprising the steps of: 
verifying that the one or more digital signatures is valid and that one or more principals 
respectively associated with the digital signatures have collective authority to 
perform the directives on the host network element . 



13. (Original) A method as recited in Claim 8, further comprising the steps of: 
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receiving, in association with a particular configuration directive, security information 
defining a number of required signatures and required principals; 

applying the particular configuration directive only when the configuration information 
has the number of required signatures by the required principals. 

14. (Original) A method as recited in Claim 8, further comprising the steps of: 
receiving, in association with a particular configuration directive, security information 

defining a number of required signatures and required principals; 
applying the particular configuration directive only when the configuration information 
has the number of required signatures by the required principals and only upon 
successively validating all required signatures. 

15. (Original) A method as recited in Claim 8, wherein the digital signatures use public 
key cryptography, and wherein public keys for the digital signatures are stored on the 
host. 

16. (Original) A method as recited in Claim 8, wherein the digital signatures use public 
key cryptography, wherein public keys for the digital signatures are stored on a key 
server and retrieved from the key server as part of attempting to validate the digital 
signatures. 

17. (Original) A method as recited in Claim 8, wherein the digital signatures use public 
key cryptography, and wherein public keys for the digital signatures received in a digital 
certificate and extracted from the digital certificate as part of attempting to validate the 
digital signatures. 

18. (Currently Amended) A method for verifying configuration changes for network devices 
using digital signatures, comprising the computer-implemented steps of: 

receiving a public key for a user of the network devices; 
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receiving configuration control information that includes a time period during which a 
valid digital signature is required for applying one or more particular 
configuration directives to a specified network device; 

receiving configuration information comprising a hostname, one or more configuration 
directives for the specified network device associated with the hostname, one or 
more digital signatures of the hostname and configuration directives, and a date- 
time value; 

determining if the date-time value is within the time period; 

determining if the one or more configuration directives have been previously received 
during the time period, by generating a secure hash of the one or more 
configuration directives and determining if the secure hash is found in memory; 
and 

only when the date-time value is within the time period and the one or more 

configuration directives have not been previously received during the time period, 
performing the steps of: 

attempting to verify the one or more digital signatures based on generating a 

secure hash of the one or more configuration directives using the public 
key and comparing the secure hash to the one or more digital signatures, 

and applying the configuration directives to [[a]] the specified network element 
device only when the one or more digital signatures are verified 
successfully; 

wherein the steps of the method are performed by the specified network device . 

19. (Original) A method as recited in any of Claims 1, 8, or 18, wherein the one or more 
digital signatures comprise a first digital signature of the one or more configuration 
directives by a first user, and a second digital signature by a second user, wherein the 
second digital signature is applied to a resultant of the first digital signature. 

20. (Currently Amended) A method as recited in any of Claims h 8 T or 18, wherein the one 
or more digital signatures comprise a first digital signature of a first portion of the one or 
more configuration directives by a first user, a second digital signature of a second 
portion of the one or more configuration directives by a second user, and a third digital 
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signature by a third user, wherein the third digital signature is applied to a resultant of the 
first digital signature and the second digital signature. 

21 . (Currently Amended) A computer-readable volatile or non- volatile medium 
storing one or more sequences of instructions for verifying configuration changes for 
network devices using digital signatures, which instructions, when executed by one or 
more processors, cause the one or more processors to carry out the steps of: 
receiving trust information defining one or more trusted signatories; 

receiving, in association with a particular configuration directive, security information 
defining a number of required signatures and required principals; 

receiving configuration information comprising a hostname, one or more configuration 
directives for a host network element associated with the hostname, and two or 
more digital signatures of the hostname and configuration directives; 

wherein the configuration information includes the particular configuration directive; 

wherein the two or more digital signatures comprise a first digital signature of a first 

portion of the one or more configuration directives by a first user, and a second 
digital signature of a second portion of the one or more configuration directives 
by a second user; 

attempting to verify the two or more digital signatures based on the trust information and 

the security information; 
verifying that the two or more digital signatures are valid and that two or more principals 

respectively associated with the two or more digital signatures have collective 

authority to perform the configuration directives on the host network element; 
applying the configuration directives to the host network element only when the two or 

more digital signatures are verified successfully; 
wherein applying the configuration directives comprises applying the particular 

configuration directive only when the configuration information has the number 

of required signatures by the required principals. 

22. (Canceled) 



Docket No.: 50325-0864 



9 



Ser. No. 10/822,927 filed 04/12/2004 
Lear - GAU 2436 (Johnson) 
Amendment and Reply with RCE 

23. (Previously Presented) A computer-readable volatile or non- volatile medium as 
recited in Claim 21, wherein the two or more digital signatures comprise a first digital 
signature of the one or more configuration directives by a first user, and a second digital 
signature by a second user, wherein the second digital signature is applied to a resultant 
of the first digital signature. 

24. (Currently Amended) A computer-readable volatile or non- volatile medium as recited in 
Claim 21, wherein the two or more digital signatures further comprise a first digital 
signature of a first portion of the one or more configuration directives by a first user, a 
second digital signature of a second portion of the one or more configuration directives 
by a second user, and a third digital signature by a third user, wherein the third digital 
signature is applied to a resultant of the first digital signature and the second digital 
signature. 

25. (Currently Amended) An apparatus for verifying configuration changes for network 
devices using digital signatures, comprising: 

means for receiving trust information defining one or more trusted signatories; 

means for receiving, in association with a particular configuration directive, security 
information defining a number of required signatures and required principals; 

means for receiving configuration information comprising a hostname, one or more 

configuration directives for a host network element associated with the hostname, 
and two or more digital signatures of the hostname and configuration directives; 

wherein the configuration information includes the particular configuration directive; 

wherein the two or more digital signatures comprise a first digital signature of a first 
portion of the one or more configuration directives by a first user, and a second 
digital signature of a second portion of the one or more configuration directives 
by a second user; 

means for attempting to verify the two or more digital signatures based on the trust 

information and the security information; 
means for verifying that the two or more digital signatures are valid and that two or more 

principals respectively associated with the two or more digital signatures have 
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collective authority to perform the configuration directives on the host network 
element; 

means for applying the configuration directives to the host network element only when 
the two or more digital signatures are verified successfully; 

wherein the means for applying the configuration directives comprise means for applying 
the particular configuration directive only when the configuration information has 
the number of required signatures by the required principals. 

26. (Canceled) 

27. (Previously Presented) An apparatus as recited in Claim 25, wherein the two or 
more digital signatures comprise a first digital signature of the one or more configuration 
directives by a first user, and a second digital signature by a second user, wherein the 
second digital signature is applied to a resultant of the first digital signature. 

28. (Currently Amended) An apparatus as recited in Claim 25, wherein the two or more 
digital signatures further comprise a first digital signature of a first portion of the one or 
more configuration directives by a first user, a second digital signature of a second 
portion of the one or more configuration directives by a second user, and a third digital 
signature by a third user, wherein the third digital signature is applied to a resultant of the 
first digital signature and the second digital signature. 

29. (Currently Amended) An apparatus for verifying configuration changes for network 
devices using digital signatures, comprising: 

a network interface that is coupled to the data network for receiving one or more packet 

flows therefrom; 
a processor; 

one or more stored sequences of instructions which, when executed by the processor, 
cause the processor to carry out the steps of: 

receiving trust information defining one or more trusted signatories; 
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receiving, in association with a particular configuration directive, security 
information defining a number of required signatures and required 
principals; 

receiving configuration information comprising a hostname, one or more 

configuration directives for a host network element associated with the 
hostname, and two or more digital signatures of the hostname and 
configuration directives; 

wherein the configuration information includes the particular configuration 
directive; 

wherein the two or more digital signatures comprise a first digital signature of a 
first portion of the one or more configuration directives by a first user, and 
a second digital signature of a second portion of the one or more 
configuration directives by a second user; 

attempting to verify the two or more digital signatures based on the trust 
information and the security information; 

verifying that the two or more digital signatures are valid and that two or more 
principals respectively associated with the two or more digital signatures 
have collective authority to perform the configuration directives on the 
host network element; 

applying the configuration directives to the host network element only when the 
two or more digital signatures are verified successfully; 

wherein applying the configuration directives comprises applying the particular 
configuration directive only when the configuration information has the 
number of required signatures by the required principals. 

30. (Canceled) 

3 1 . (Previously Presented) An apparatus as recited in Claim 29, wherein the two or 
more digital signatures comprise a first digital signature of the one or more configuration 
directives by a first user, and a second digital signature by a second user, wherein the 
second digital signature is applied to a resultant of the first digital signature. 
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32. (Currently Amended) An apparatus as recited in Claim 29, wherein the two or more 
digital signatures further comprise a first digital signature of a first portion of the one or 
more configuration directives by a first user, a second digital signature of a second 
portion of the one or more configuration directives by a second user, and a third digital 
signature by a third user, wherein the third digital signature is applied to a resultant of the 
first digital signature and the second digital signature. 

33. (Canceled) 

34. (Previously Presented) A computer-readable volatile or non- volatile medium as 
recited in Claim 21, wherein the instructions that cause the one or more processors to 
perform the step of applying the particular configuration directive comprise instructions 
which, when executed by the one or more processors, cause the one or more processors to 
perform the step of applying the particular configuration directive only when the 
configuration information has the number of required signatures by the required 
principals and only upon successively validating all required signatures. 

35. (Previously Presented) A computer-readable volatile or non-volatile medium as 
recited in Claim 21, wherein the two or more digital signatures use public key 
cryptography, and wherein public keys for the two or more digital signatures are stored 
on the host network element. 

36. (Previously Presented) A computer-readable volatile or non-volatile medium as 
recited in Claim 21, wherein the two or more digital signatures use public key 
cryptography, wherein public keys for the digital signatures are stored on a key server 
and retrieved from the key server as part of attempting to validate the two or more digital 
signatures. 

37. (Previously Presented) A computer-readable volatile or non- volatile medium as 
recited in Claim 21, wherein the two or more digital signatures use public key 
cryptography, and wherein public keys for the two or more digital signatures are received 
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in a digital certificate and extracted from the digital certificate as part of attempting to 
validate the two or more digital signatures. 

38. (Canceled) 

39. (Previously Presented) An apparatus as recited in Claim 25, wherein the means for 
applying the particular configuration directive comprise means for applying the particular 
configuration directive only when the configuration information has the number of 
required signatures by the required principals and only upon successively validating all 
required signatures. 

40. (Previously Presented) An apparatus as recited in Claim 25, wherein the two or 
more digital signatures use public key cryptography, and wherein public keys for the two 
or more digital signatures are stored on the host network element. 

41 . (Previously Presented) An apparatus as recited in Claim 25, wherein the two or 
more digital signatures use public key cryptography, wherein public keys for the two or 
more digital signatures are stored on a key server and retrieved from the key server as 
part of attempting to validate the two or more digital signatures. 

42. (Previously Presented) An apparatus as recited in Claim 25, wherein the two or 
more digital signatures use public key cryptography, and wherein public keys for the two 
or more digital signatures are received in a digital certificate and extracted from the 
digital certificate as part of attempting to validate the two or more digital signatures. 

43. (Canceled) 

44. (Previously Presented) An apparatus as recited in Claim 29, wherein the 
instructions that cause the processor to perform the step of applying the particular 
configuration directive comprise instructions which, when executed by the one or more 
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processors, cause the processor to perform the step of applying the particular 
configuration directive only when the configuration information has the number of 
required signatures by the required principals and only upon successively validating all 
required signatures. 



45. (Previously Presented) An apparatus as recited in Claim 29, wherein the two or 
more digital signatures use public key cryptography, and wherein public keys for the two 
or more digital signatures are stored on the host network element. 

46. (Previously Presented) An apparatus as recited in Claim 29, wherein the two or 
more digital signatures use public key cryptography, wherein public keys for the two or 
more digital signatures are stored on a key server and retrieved from the key server as 
part of attempting to validate the two or more digital signatures. 

47. (Previously Presented) An apparatus as recited in Claim 29, wherein the two or 
more digital signatures use public key cryptography, and wherein public keys for the two 
or more digital signatures are received in a digital certificate and extracted from the 
digital certificate as part of attempting to validate the two or more digital signatures. 
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